This privacy notice describes how we gather and use certain information about you.
This notice also describes how your personal data are collected, handled and stored to comply with the law, and protect you. It also informs you of your rights under the European General Data Protection Regulation (GDPR) law and how we will comply with those rights.
Simply Digital Consulting Limited, also known as Simply Digital, is registered with the Information Commissioner’s Office (ICO) as Simply Digital Consulting Limited under registration number ZA315381.
Our website is hosted by Zen Internet.
Zen Internet records the IP addresses of visitors to our website in order to monitor and report on the effectiveness of the site and to help us improve it.
We will store your data because of the following reason(s):
You have given your consent for us to store your data.
We will request your consent to retain your data every 12 months.
If you have done business with us in the last 6 years, we are required by the UK HMRC regulations to retain invoices which may contain personal information as part of our financial records.
Specific questions about why we store your data can be directed to the Data Protection Officer via email at firstname.lastname@example.org.
Some personal data are stored on paper. When not actively in use, paper records or files will be kept in a locked drawer or filing cabinet. Personal data printouts will be shredded and disposed of securely when no longer required.
When personal data are stored electronically, they will be protected from unauthorised access, accidental deletion and malicious hacking attempts. If data are stored on removable media (like a CD or DVD), these will be kept locked away securely when not being used.
Personal data will only be stored on designated drives and servers, and will only be transferred outside the EU in compliance with the conditions for transfer set out in Chapter V (page 60) of the GDPR.
If your personal data are stored only due to your consent, upon withdrawal of your consent, your personal data will be removed after a maximum of 30 days.
Specific questions about how we store your data safely can be directed to the Data Protection Officer via email at email@example.com.
The personal information gathered remains within in our systems as long as the reasons given in “Why we store your data” still apply.
Simply Digital will take all reasonable measures to protect your personal data when in use.
Simply Digital may at times need to transfer personal data electronically. Personal data will be encrypted before being transferred electronically. Personal data will never be transferred outside the EU except in compliance with the conditions for transfer set out in Chapter V (page 60) of the GDPR.
Simply Digital will not share your information for marketing purposes except with your prior explicit consent.
When personal data are shared with third parties, a written agreement with that third party will be in place ensuring the third party complies with the requirements of the GDPR. Simply Digital will contact the third party to update their records based upon any corrections, consent withdrawal, or right for erasure requests.
We intend that your personal data are as accurate as possible.
Our staff will take every opportunity to ensure data are updated. For instance, by confirming a customer’s details when they call.
If you are aware of any corrections needed, please contact us via email at firstname.lastname@example.org or phone 07762 792814.
The GDPR give you the following rights:
Right to be informed - this is the propose of this privacy statement. In the event of any changes to this privacy statement, where we have your consent to contact you or a contract with you, we will inform you.
Right of access - All individuals who are the subject of personal data held by Simply Digital are entitled to copy of the information held. This is called a subject access request.
Subject access requests should be made by email, addressed to the Data Protection Officer at email@example.com.
The Data Protection Officer can supply a standard request form, although you do not have to use this.
Individuals will not be charged for the initial subject access request. Subsequent requests within one year of the initial request will be charged at £10.
The Data Protection Officer will provide the relevant data within one calendar month.
The Data Protection Officer will always verify the identity of anyone making a subject access request before handing over any information.
Right of rectification - If you are aware of any corrections needed, please contact us via email at firstname.lastname@example.org or phone 07762 792814.
Right to erasure - also known as the right to be forgotten. You have the right to removal of all your personal data where there is no compelling reason for its continued storage or use.
Right to restrict processing - you have the right to prevent use of your personal data, even when they are stored in our records.
Right to data portability - you have the right to obtain a usable copy of your personal data stored by Simply Digital. See “right of access” if you need to exercise this right.
Right to object - see “right to restrict processing”.
Rights in relation to automated decision making and profiling.
For more information, please visit https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
In certain circumstances, the GDPR allows personal data to be disclosed to law enforcement agencies without the consent of the individual affected. Under these circumstances, Simply Digital will disclose requested data. However, the Data Protection Officer will ensure the request is legitimate, seeking assistance from the Board of Directors and from legal advisers where necessary.
Specific questions not covered here can be directed to the Data Protection Officer via email at email@example.com or by writing to the Data Protection Officer at Simply Digital, 23 Spencers Road, Maidenhead, Berkshire, SL6 6LJ.